[Samba] multiple levels of group permissions on some folders in a share
TAKAHASHI Motonobu
monyo at monyo.com
Sat Aug 13 00:00:44 MDT 2011
From: "Harondel J. Sibble" <help at pdscc.com>
Date: Thu, 11 Aug 2011 08:57:41 -0700
> trying to figure out the best way to accomplish this, running samba 3.x on a
> debian system in share level mode (workgroup)
>
> have a shared folder for all the staff that they have permssions to by
> membership of being in the "staff" group, this share has about 40-50
> subfolders.
(snip)
> What's the best way to allow them access to the 5 folders without allowing
> them to get access to the other 45 or so folders?
(snip)
> I could create a new share for each folder, but if they decide to expand the
> list of allowed folders, that gets clunky.
What does your "clunky" mean? Creating 5 new shares is most easy
solution I think.
Instead if you can use ACL, you can create a group, make interns
belong to the group and add ACL entries to the 5 folders only,
which allow access to the group. Setting "hide unreadable = yes" other
45 folders cannot be seen by interns.
> So I created a new share for the intern and symlinked the 5 subfolders which
> they can see just fine, but they get a permission denied which makes
> sense since the intern account is not part of larger group with
> access to the 5 folders in question.
Setting chmod o+rwx to the 5 folders is a way I think.
---
TAKAHASHI Motonobu <monyo at samba.gr.jp>
More information about the samba
mailing list